Article ID: 1408
Last Review: Oct 20, 2008
Type: Article
Recognizing "ISU Credit Union" phishing scam emails
Illinois State University has been targeted by phishing scam emails which appear to be sent by the ISU Credit Union.
Illinois State University has been the target of phishing emails which have the subject line, "Update Your Account." These emails appeared to have been sent by the ISU Credit Union, but they were not. They are phishing scam emails.
The phishing email (Figure 1) contains a link to a fake "ISU Credit Union" website (Figure 2). You may be asked to provide:
- Credit card number
- Credit card expiration date
- Credit card verification number
- ATM PIN
- Email address
Credit Card Fraud
The "ISU Credit Union" phishing emails try to trick you into entering your credit card and ATM information on a fake credit union website.
Do not follow the instructions in the phishing email or on the fake website. You will be sending your credit card and ATM information to criminals who will likely use the information to commit credit card fraud and ruin your credit rating.
You are in no danger so long as you ignore the phishing email and fake website, which are only there only to trick you. If you don't fall for it, you cannot be hurt.
Recognize Fake "ISU Credit Union" Emails and Website
If you receive a phishing email like the one described above, you should know how to recognize the emails and website as fakes.
- No Time Line, Harsh Penalty: The phishing email says your "account information needs to be updated ... However, failure to update your records will result in account suspension." We would expect an important notification like this—especially one that could result in account suspension—to include a date.
Hmm, that seems odd. It doesn't say when I have to complete this by or when my account will be suspended if I fail to act. Why do you suppose that is?
- Email/Website Discrepancies: The phishing email says click the following link to "login to your ISU Credit Union account." But when you click the link, it automatically brings up the "Update Your Account" web page—no login was required. If this website was legit, we would expect to log in before making changes to our account.
How does the website know who I am without logging in first? Why did the email tell me to log in to update my account, but then the website doesn't ask me to log in?
- Website Address: The web address for the fake "ISU Credit Union" is perhaps the biggest tip off that something is amiss. The linked address for the "ISU Credit Union" web page is http://oregonpaintball.com/0403/isu.php. This web address is clearly not the ISU Credit Union's web address. If the web address doesn't look familiar (even if the web page does look familiar), you should pause to consider why.
Wait a minute. What's the address again? Oregonpaintball.com? What does Oregon or paint ball have to do with the ISU Credit Union? Something's not right about this....
Thunderbird thinks this message might be an email scam.
If you use Thunderbird to get your email, it will warn you when it finds an email it thinks is a scam. Further, if you click a link that Thunderbird thinks is shady, it will warn you (Figure 3). Getting a warning from Thunderbird should be enough to put you on guard—even if you didn't notice anything weird at first.
Download Thunderbird and try it out.
Site Navigation
Copyright 2010 © Illinois State University
A unit of Computer Infrastructure Support Services
